CUSTOMER RELEASE NOTES 




Efficient Networks, Inc, 



Efficient SpeedStream™ 5800 Business Class Routers 

Firmware version 4.0.x (May 3, 2000) 



1 INTRODUCTION: 



Thank you for choosing Efficient as your solution for Internet access and LAN-to-WAN connectivity. 
The following documents are provided to help you with the setup and configuration of your router: 

• Customer Release Notes (this document) 

• Quick Start Guide (printed - discusses hardware setup, Web Easy Setup application) 

• Command Line Interface document (on CD - covers console or Telnet configuration and advanced settings) 

Important Note: Please, use the Quick Start Guide. Refer to the other documents, only if needed. 

This document contains late-breaking information about your router and has the following sections: 

Hardware Compatibility 
Configuration Notes 
Key Changes in this Release 
Known Problems 
Documentation 
Technical Support 



This release note covers the following hardware model: 

5851 SDSL 5865 ADSL DMT/ ISDN 

5861 ADSL DMT 5871 IDSL 

The software product numbers and DSLAMs supported are: 

120-5851-001 SDSL ATM to the Nokia SpeedLink™ DSLAM 
120-5851-002 SDSL ATM to the Nokia SpeedLink™ DSLAM 
120-5851-004 SDSL FR to the Copper Mountain DSLAM 
120-5851-005 SDSL Point to point with a second 120-5851-005 
120-5851-006 SDSL ATM to the Promatory DSLAM 
120-5851-007 SDSL FR to the Interspeed DSLAM 
120-5851-008 SDSL ATM to the Lucent Stinger DSLAM 
120-5851-012 SDSL ATM to the Newbridge Networks DSLAM 
120-5851-014 SDSL ATM to the RCNets DSLAM 
120-5851-015 SDSL ATM to the Paradyne DSLAM 
120-5861-001 (2/5 WAN pin-out) ADSL Alcatel compatible DSLAMs 
120-5861-002 (3/4 WAN pin-out) ADSL Alcatel compatible DSLAMs 
120-5861-005 ADSL Alcatel compatible DSLAMs (PPPoE GUI version) 
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120-5861-006 ADSL Centillium compatible with Interspeed, Copper Mountain DSLAMs 
120-5861-007 ADSL Globespan compatible with Cisco, Promatory DSLAMs 
120-5865-001 G.DMT over ISDN (Annex B) to a Nokia or Alcatel DSLAM and compatibles 
120-5871-001 IDSL to Adtran, AccessLAN, Cisco, New Bridge, Nokia, Pulsecom, Promatory 
120-5871-003 IDSL to the Copper Mountain DSLAM 

The model and product numbers are on the bottom of the router and are displayed by the web GUI after 
connecting to the router. 

| CONFIGURATION NOTES: 

This device may be configured using several different methods: 

• Using Easy Setup from a web browser connected to the router's default IP address of 192.168.254.254 

• Using the Windows Quick Start application, which is installed from the Installation CD 

• From the console port using the Command Line Interface (CLI) (requires console cable to be connected) 

• From a Telnet session connected to 192.168.254.254, again using the CLI 

Web Easy Setup GUI: 

The simplest method is to use your web browser and connect to the router's built in Web Easy Setup application. 
Be sure to set your PC's IP driver to use DHCP to get an IP address from the router before trying to connect. 
If your PC is on a different LAN, type at a Window's DOS command prompt: 

route add 192.168.254.254 x . x . x . x, where x is the PC's IP address. 

To access the Web GUI, connect to 192.168.254.254 and use the username login and the password admin. 
Follow the prompts and enter the values provided by your Network Service Provider. 

Security Caution: 

DSL devices are always on by nature and can pose a data security risk if precautions are not taken. 

This router supports HTTP access for configuration changes and this can be a security risk if access is not 
controlled. The web GUI has a 'Change Access Control' button. You may wish to select 'Allowed from LAN' to stop 
access from the Internet (WAN). Telnet access and SNMP access can also be disabled. 
The CLI provides additional commands that allow finer grained access controls. 

IP Packet Filtering is included with your router, but it needs to be configured. It is discussed at length in the 
Command Line Interface document (on Installation CD). A sample set of filters is provided in the FILTERS.TXT 
file in the samples directory (see Samples below). Be sure to edit the file to fit your specific configuration and 
seek expert help if you are not familiar with security. IP filters only work if IP routing is enabled. 

Additional Software Tools: 

A set of Microsoft Windows applications are on the Installation CD that allows you to configure the router, install 
new software versions, and set up other advanced options. 

There is also a Command Line Interface (CLI) that you may need to set up certain settings like IP filters, host 
mapping, IPX and optional features like encryption and VPN. 

Sample configurations: 

There are sample files with CLI configuration commands in the directory called samples (if you selected install 
documentation when installing the Windows Quick Start application). These script files can be edited to fit your 
specific configuration and then copied to the router using the Quick Start application by clicking the Tools and 
Execute Script buttons. 
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VPN Software Options: 

IPSec, L2TP, DES and Triple DES are software options that can be installed on the router. However, they must be 
purchased separately and then activated. IPSec and the associated Internet Key Exchange (IKE) can be 
configured using the Web GUI or by using the CLI. 

L2TP is configured using the CLI. See the Command Line Interface document for details. Sample configuration 
files are provided in the samples directory. 

Configuration Tips: 

DLCI or PVC numbers are preset and they must match the other end. The Web GUI displays the values. 
The PWR, TEST, and LINK lights must be solid green for a good connection. 
The if s command shows the physical link status (open is good). 

The remote stats command indicates whether data is actually being received or sent (bytes in/out). 
If no bytes are received, check the link protocol setting or WAN line speed setting. 
Use the ping or traceroute command to verify the link. 



KEY CHANGES IN THIS RELEASE: 



IP Security (software option) 

Internet Key Exchange including Aggressive Mode (DES and 3DES) 
IPSec with AH, ESP (DES/ 3 DES) 

Implements RFCs 2104, 2401, 2402, 2403, 2404, 2405, 2406, 2407, 2408, 2409,2410, 2412, 2451 
L2TP tunneling via IPSec transport mode 

Transport mode IPSec allows encrypted communications for telnet, snmp, http etc. to the router directly. 
SNMP IPSec monitor (Draft-ietf-ipsec-monitor-mib-02.txt) 
SNMP IP tunnel monitoring MIB (RFC2667) 
Web GUI supports IPSec/ IKE 

IPSec Notes: Interoperability testing has been done with: Cabletron SSR600, Nortel Contivity, Intel, hi/fn, 
Radguard, Cayman and NetScreen. 

New Features 

PPP over Ethernet - RFC2516 

Multiple Ethernet Subnets on the LAN supports NAT, RIP, DHCP, ARP and IP filters 

Virtual routes - different routing tables based on the source IP address 

Web GUI supports PPPoE bridging, feature activation, time setting 

Web GUI supports PPPoE login (1 20-5861 -005) 

NAT supports multiple PPTP clients and one server per IP address 

Dual Ethernet router now defaults to IP router, not a bridge (120-5781-001) 

SDSL Nokia EOC is supported (Requires R5 of Nokia SDSL DSLAM, 120-5851-001, -002) 

DMT version upgraded to Alcatel version 3.6.66 (120-5861-006 and -007 only) 

dmt link command for G.Lite, G.DMT or Multimode selection (1 20-5861 -xxx) 

IDSL Line provisioning diagnostics - 2B+D loopback (120-5871-001) 

Support for AccessLAN IDSL DSLAMs (120-5871-001) 

Support for Paradyne SDSL line card (120-5871-015) 

Support for NewBridge SDSL router management channel (120-5851-012) 

Support for RCNet DSLAM (120-5851-014) 



KNOWN PROBLEMS: 
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Some applications such as Microsoft Net Meeting and VOIP (H.323) that use IP or UDP protocols may have 
problems with Network Address Translation. You can avoid this problem by turning off NAT and running as a 
subnetwork to your ISP. Applications that are supported are: AOL chat, Cu SeeMe, Doom, FTP, L2TP, HTTP, Kali, 
Netbios over IP, PCanywhere, PPTP, Quake, Quicktime Video, Real Audio, RTSP, SGI Media Base, SMTP, 
Streamworks, Telnet, TFTP, Unix commands (finger, rep, rshell, rlogin, whois), VDO. 

Some PPP termination systems do not completely support IP address negotiation. Communications with such 
systems can result in protocol hangs. The command: 

remote setpppoptions reacqIPAddr off <remote name> 

can be used to force the router to always request a new IP address whenever the PPP session is terminated, thus 
providing a work around until the software in the other systems has been changed. 



Large IP packets (>1600 bytes) will not pass through IPsec tunnels. 



MS Internet Explorer does not honor the no cache option. Thus old values appear in the Web GUI rather than the 
current ones. You need to hit the refresh button to see changed values. Netscape does not have this problem. 



DOCUMENTATION: 



The Command Line Reference manual is included in soft copy format. The file is on CD and is installed when the 
Windows software is installed. You need the freely-available Acrobat Reader to view and print this document. If 
you don't have the Acrobat Reader already installed on your system, you can install it from the Installation CD or 
from Adobe's Web site (http://www.adobe.com/) . The Acrobat Reader is available for a very wide range of 
platforms, including MS Windows, Macintosh and many Unix systems. 



Should you have any difficulty installing or operating the product, feel free to contact Technical Support. 

Before you call, please try to gather a trace file. If you can connect to the router with Quick Start, select 'Help' and 
'Technical Support Data' from the menu. This will generate a file that can be used to analyze the problem. 

If you can't connect to the router, but are able to use the console interface, start Configuration Manager and use 
the Tools | Terminal Window menu and then select the 'Technical Support Data' item. If you are using the 
Terminal or HyperTerminal applications that come with Windows or any other terminal emulation program (use the 
parameters: 9600, 8N1), type system support and copy and paste the result into a file. 



Efficient Networks, Inc. 
5200 Great America Parkway 
Santa Clara, CA 95054 

Phone: +1(408) 878-6810 Fax: +1(408)878-6801 

Internet mail: support@efficient.com FTP: ftp.systemv.com/support 
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